Skip to main content
  1. Home
  2. Computing
  3. News

Apple finally expands its bug bounty program to accept MacOS bugs

By
Add as a preferred source on Google

Apple’s 3-year-old bug bounty program has finally, officially expanded to accept bug submissions from other Apple ecosystem platforms, including MacOS. The technology company announced its plans for the expansion just a few months ago, during the Black Hat cybersecurity conference. Apple appears to have launched the expansion of its Security Bounty program on Thursday, December 19, via a new webpage published on its site that provides further details on the updated program.

The Apple Security Bounty program is essentially a program in which Apple incentivizes security researchers to find bugs in Apple’s various operating systems and report them to the company in exchange for a pretty sizable monetary reward. As ZDNet notes, when the program was first launched in 2016, it only accepted bug reports for iOS bugs from certain researchers who had been invited to participate in the program. But as of this week, the Security Bounty program has officially expanded to not only accept MacOS bugs, but also bugs from other Apple operating systems, and it now allows the participation of all security researchers.

Recommended Videos

The newly published webpage on Apple’s website provides details on the current iteration of the Security Bounty program, including eligibility guidelines, bounty categories (and their associated maximum rewards), and instructions on how to submit a bug report. There’s even a separate page that lists example payouts for different kinds of bugs.

In addition to MacOS bugs, the program officially accepts bug reports for iOS, iPadOS, tvOS, and WatchOS. There doesn’t appear to be any MacOS specific-guidelines for submitting bug reports about it, but generally speaking, in order to be eligible for a bounty, researchers must follow three main guidelines:

  1. You have to be the first one to report the bug to Apple Product Security.
  2. A report must be submitted and it should be “clear” and contain “a working exploit.”
  3. You can’t publicize the bug until “Apple releases the security advisory for the report.”

It’s also worth noting that if the bug has “significant impact to users,” Apple will still take it into consideration for a bounty payment even if it doesn’t “fit the published bounty categories.” Also, the bounties themselves aren’t tiny. In fact, the smallest example payout listed was $25,000 and the largest payout appears to be $1 million.

Anita George
Anita George
Former Computing Writer
Anita George has been writing for Digital Trends' Computing section since 2018. So for almost six years, Anita has written…
Topics
Apple’s historically high tax for RAM upgrades on Macs has now become absurd
Mac RAM upgrade prices have doubled amid the global memory crunch
MacBook Pro.

Apple’s Mac RAM upgrades were already expensive enough to raise eyebrows. After the company’s latest round of price hikes, some of them now look ridiculous.

Apple recently raised prices across its Mac and iPad lineup, along with other products, citing rising memory and storage costs. The supply crunch is real, but Mac buyers were paying steep premiums for RAM and SSD upgrades long before this jump. Recent MacBook Pro configuration screenshots shared by 9to5Mac show how much worse the upgrade path has become.

Read more
Windows 11 is getting a new Screen Tint mode, and your eyes might thank Microsoft
Users can apply custom color overlays to reduce screen intensity and visual fatigue.
Windows 11 on a laptop

Microsoft is testing a new accessibility feature for Windows 11 called Screen Tint, and it could be one of those small additions that make a surprisingly big difference. Instead of changing your display's color temperature like Night Light, Screen Tint applies a customizable color overlay across the entire screen, making bright displays easier on the eyes during long work or gaming sessions.

A softer screen for tired eyes

Read more
Apple’s looking at a politically radioactive fix for the memory crisis, and the US government isn’t happy about it
Apple blamed memory costs for your price hike. Its proposed solution involves a Pentagon blacklist.
Apple Mac Mini on a Desk

A few days ago, Apple announced an ugly mid-cycle price hike, blaming the worsening-by-the-day memory crisis. According to the Financial Times, the company is now lobbying the government for approval to buy memory chips from a Chinese company. 

The company in question is CXMT, a Chinese chipmaker that the Pentagon added to its Chinese Military Company blacklist for alleged ties to the Chinese army.

Read more